Multiple holes in Cacti spiked
Security researchers in Italy have discovered multiple security vulnerabilities in the Cacti open source network stats program. These have now been fixed and an updated version has been issued. The vulnerabilities could be exploited by attackers to carry out SQL injection or cross-site scripting attacks.
A number of scripts fail to check arguments passed to them, allowing attackers to send commands to the underlying MySQL database to read or manipulate content. The security advisory lists the files
id parameter) and
login_username parameter) as being vulnerable to injection of SQL commands.
Cross-site scripting is apparently possible in the files
filter parameter) and
login_username parameters). The
local_graph_id parameter in
graph.php also allows attackers to read the path to Cacti.
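The coding pattern behind these bugs, and its fix, as an added example that is not Cacti's own code: a PHP handler that splices the `id` and `filter` request parameters straight into a MySQL query and into the page, beside a hardened version that validates input, uses prepared statements, escapes output and keeps database errors (which would expose the install path) in the server log. Table and column names are assumed for illustration.

```php
<?php
// Added example, not Cacti's code. Table/column names are illustrative only.
declare(strict_types=1);

// Unsafe: request values reach the SQL text and the HTML unescaped. If the query
// fails, PHP's fatal error message also prints the script's file system path.
function showGraphUnsafe(mysqli $db, array $get): string
{
    $res = $db->query("SELECT title FROM graph_templates WHERE id = " . $get['id']);
    $row = $res->fetch_assoc();
    return '<h2>' . $row['title'] . '</h2><p>filter: ' . $get['filter'] . '</p>';
}

// Hardened: typed and validated input, prepared statement, HTML escaping, and
// database errors logged server-side so no path or query text reaches the browser.
function showGraphSafe(mysqli $db, array $get): string
{
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // errors become exceptions
    $id = filter_var($get['id'] ?? '', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    $filter = $get['filter'] ?? '';
    if ($id === false || !preg_match('/^[\w .-]{0,64}$/', $filter)) {
        http_response_code(400);
        return '<p>Invalid request.</p>';
    }
    try {
        $stmt = $db->prepare('SELECT title FROM graph_templates WHERE id = ?');
        $stmt->bind_param('i', $id); // value travels separately from the SQL text
        $stmt->execute();
        $row = $stmt->get_result()->fetch_assoc();
    } catch (mysqli_sql_exception $e) {
        error_log('graph lookup failed: ' . $e->getMessage()); // stays in the server log
        http_response_code(500);
        return '<p>Temporary error.</p>';
    }
    if ($row === null) {
        http_response_code(404);
        return '<p>No such graph.</p>';
    }
    $h = fn(string $s): string => htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<h2>' . $h($row['title']) . '</h2><p>filter: ' . $h($filter) . '</p>';
}

// Login lookup: the username is a string, so it is bound as 's' and never interpolated.
function findUserSafe(mysqli $db, string $loginUsername): ?array
{
    $stmt = $db->prepare('SELECT id, username FROM user_auth WHERE username = ?');
    $stmt->bind_param('s', $loginUsername);
    $stmt->execute();
    return $stmt->get_result()->fetch_assoc(); // null when no row matches
}
```

The same three controls (validate the type and shape of every request parameter, bind values instead of concatenating them, escape on output) cover the `local_graph_id` and `login_username` cases the advisory names as well.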
The bugs are present in Cacti versions 0.8.7a and earlier. The development team has now released versions 0.8.7b and 0.8.6k in which the vulnerabilities are fixed. Cacti users should download and install the updated version without delay.
- Multiple Vulnerabilities in Cacti, security advisory from Francesco "ascii" Ongaro and Antonio "s4tan" Parata
- The latest version of Cacti
- Changelog, summary of changes in Cacti